Search squid archive

Re: squid setup in a DMZ 1 -->DMZ-2 ---> to give internet access to a LAN machine (where weblogic needs internet access)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



kk CHN wrote:
People  ;


 I have  2 server boxes one   in DMZ-1 and  the other in DMZ-2 ,
DMZ-1  machine having internet  connection,DMZ-2 not having Internet
connection, an application in  weblogic appserver   (thats in a LAN
machine which can communicate only with  DMZ -2 machine) .


Note:
(  In this LAN machine  there is the HTTP Proxy (host name , proxy
port   etc ..) directives   for  weblogic server  to configure   )..



 How can I make the LAN machine to access Internet(  InterNet --->
DMZ-1 ---> DMZ-2--->LAN machine with Weblogic)   ?

where are  all I have to use   squid   inorder to  make  the LAN
machine to access the internet  ?

Two ways to do this:

1) route traffic from weblogic machine going to port 80, out via DMZ-2 then via DMZ-1. Open your firewalls just for that machine when it connects out and the response coming back.

2) Install another Squid in DMZ-2, config the weblogic machines squid to use it as parent for access. AND install squid in DMZ-1, config the DMZ-2 squid to use it as parent for access. AND configure each squid down the chain to only allow the weblogic machines requests out and replies back.


(1) is really the preferred method. Much simpler, thus easily secured, and it does not involve setting up several copies of new possibly breachable software just to get one machine web access.


Amos
--
Please use Squid 2.7.STABLE4 or 3.0.STABLE9

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux